示例
包含以下输入字段: 必须与可选文本字段,单选按钮,及提交按钮:
首先是简单的表单代码:
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
名字: <input type="text" name="name"><br/><br/>
E-mail: <input type="text" name="email"><br/><br/>
网址: <input type="text" name="website"><br/><br/>
备注: <textarea name="comment" rows="5" cols="40"></textarea><br/><br/>
性别:<input type="radio" name="gender" value="female">女
<input type="radio" name="gender" value="male">男
<br/><br/>
<input type="submit" name="submit" value="Submit">
</form>
注意:action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
这里是为了避免 CSS (Cross-Site Script) 跨站脚本攻击。
当用户提交表单时,我们将做以下两件事情:
1、使用 PHP trim() 函数去除用户输入数据中不必要的字符 (如:空格,tab,换行)。
2、使用PHP stripslashes()函数去除用户输入数据中的反斜杠 ()
将这些过滤的函数写在一个我们自己定义的函数中,这样可以大大提高代码的复用性,对上面的表单代码进行修改:
<html>
<body>
<?php
// 定义变量并默认设置为空值
$name = $email = $gender = $comment = $website = "";
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$name = test_input($_POST["name"]);
$email = test_input($_POST["email"]);
$website = test_input($_POST["website"]);
$comment = test_input($_POST["comment"]);
$gender = test_input($_POST["gender"]);
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
名字: <input type="text" name="name"><br/><br/>
E-mail: <input type="text" name="email"><br/><br/>
网址: <input type="text" name="website"><br/><br/>
备注: <textarea name="comment" rows="5" cols="40"></textarea><br/><br/>
性别:<input type="radio" name="gender" value="female">女
<input type="radio" name="gender" value="male">男
<br/><br/>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>您输入的内容是:</h2>";
echo $name;
echo "<br>";
echo $email;
echo "<br>";
echo $website;
echo "<br>";
echo $comment;
echo "<br>";
echo $gender;
?>
</body>
</html>
PHP - 必需字段
"名字", "E-mail", 和 "性别" 字段是必需的,各字段不能为空,网址可选, 如果存在,它必需包含一个有效的URL。
修改上面的代码:
<html>
<body>
<?php
// 定义变量并默认设置为空值
$nameErr = $emailErr = $genderErr = $websiteErr = "";
$name = $email = $gender = $comment = $website = "";
if ($_SERVER["REQUEST_METHOD"] == "POST"){
if (empty($_POST["name"])){
$nameErr = "名字是必需的。";
}else{
$name = test_input($_POST["name"]);
}
if (empty($_POST["email"])){
$emailErr="邮箱是必需的。";
}else{
$email = test_input($_POST["email"]);
}
if (empty($_POST["website"])){
$website = "";
}else{
$website = test_input($_POST["website"]);
}
if (empty($_POST["comment"])){
$comment = "";
}else{
$comment = test_input($_POST["comment"]);
}
if (empty($_POST["gender"])){
$genderErr="性别是必须的。";
}else{
$gender = test_input($_POST["gender"]);
}
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<style>
.error
{ text-align:"center";color:red;}
</style>
<p><span class="error">* 必填字段。</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
名字: <input type="text" name="name">
<span class="error">* <?php echo $nameErr;?></span>
<br/><br/>
E-mail: <input type="text" name="email">
<span class="error">* <?php echo $emailErr;?></span>
<br/><br/>
网址: <input type="text" name="website">
<span class="error"><?php echo $websiteErr;?></span>
<br/><br/>
备注: <textarea name="comment" rows="5" cols="40"></textarea><br/><br/>
性别:<input type="radio" name="gender" value="female">女
<input type="radio" name="gender" value="male">男
<span class="error">* <?php echo $genderErr;?></span>
<br/><br/>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>您输入的内容是:</h2>";
echo $name;
echo "<br>";
echo $email;
echo "<br>";
echo $website;
echo "<br>";
echo $comment;
echo "<br>";
echo $gender;
?>
</body>
</html>
网友评论